#!/usr/bin/env python3

from pwn import *
import random
from Cryptodome.Cipher import ChaCha20
from Cryptodome.Util.number import long_to_bytes

HOST = "130.192.5.212"
PORT = "6561"
#Using the same seed I generate the same random numbers
#in the same order
# Repeating a nonce with the same key
# reveals the XOR of two different messages, which allows decryption.
seed = 123
nlen = 12*8
random.seed(seed)
nonce = random.getrandbits(nlen)
print(f"Nonce:{nonce}")
random.seed(seed)
nonce1 = random.getrandbits(nlen)
#Use this nonce
print(f"Nonce1:{nonce1}")
print(long_to_bytes(nonce1).hex())
# Used nonce
flag="81d36783bb44a32f060a30aa0551f71c12d81a888dfdd8c317dd3afd0905db796357dbb8642a2c9eae2ab1db2eb7"
flag = bytes.fromhex(flag)
amsg="83c07f92ae4ad05b3c7e10dd7472856c63b43df8f588b4b660aa4a917170ab5a0f73fb9b120e5ce78b08c0ad5c8b"
amsg = bytes.fromhex(amsg)
apayload = b'A'*46
ks = bytes(m ^ a for m,a in zip(amsg,apayload))
fflag = bytes(f ^ k for f,k in zip(flag,ks))
print(fflag)
#ks= bytes([f ^ a for f,a in zip(bytes.fromhex(b'A'*46),bytes.fromhex(amsg))])
#print(bytes([f ^ a for f,a in zip(flag,ks)]))